← Back

CVE-2012-0353

nvd nist
Published: Mar 15, 2012Modified: Apr 29, 2026

JSON object

Loading...
7.1
Vector
AV:N/AC:M/Au:N/C:N/I:N/A:C
Exploitability: 8.6 / Impact: 6.9
Source: NVD

Description

The UDP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.5), 8.3 before 8.3(2.22), 8.4 before 8.4(2.1), and 8.5 before 8.5(1.2) does not properly handle flows, which allows remote attackers to cause a denial of service (device reload) via a crafted series of (1) IPv4 or (2) IPv6 UDP packets, aka Bug ID CSCtq10441.

Affected (42)

Cisco
11 products
Adaptive Security Appliance Software
5500 Series Adaptive Security Appliance
Catalyst 6500
Catalyst 6503 E
Catalyst 6504 E
Catalyst 6506 E
Catalyst 6509 E
Catalyst 6509 Neb A
Catalyst 6509 V E
Catalyst 6513
Catalyst 6513 E
Configuration A
42 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Adaptive Security Appliance Software
Version 8.0.2
Adaptive Security Appliance Software
Version 8.0.3
Adaptive Security Appliance Software
Version 8.0.4
Adaptive Security Appliance Software
Version 8.0.5
Adaptive Security Appliance Software
Version 8.0
Adaptive Security Appliance Software
Version 8.0(2)
Adaptive Security Appliance Software
Version 8.0(3)
Adaptive Security Appliance Software
Version 8.0(4)
Adaptive Security Appliance Software
Version 8.0(5)
Adaptive Security Appliance Software
Version 8.1
Adaptive Security Appliance Software
Version 8.2.1
Adaptive Security Appliance Software
Version 8.2.2
Adaptive Security Appliance Software
Version 8.2.2 interim
Adaptive Security Appliance Software
Version 8.2.3
Adaptive Security Appliance Software
Version 8.2(1)
Adaptive Security Appliance Software
Version 8.2(2)
Adaptive Security Appliance Software
Version 8.2(3.9)
Adaptive Security Appliance Software
Version 8.2(3)
Adaptive Security Appliance Software
Version 8.2(4.1)
Adaptive Security Appliance Software
Version 8.2(4.4)
Adaptive Security Appliance Software
Version 8.2(4)
Adaptive Security Appliance Software
Version 8.2(5)
Adaptive Security Appliance Software
Version 8.3.1
Adaptive Security Appliance Software
Version 8.3.1 interim
Adaptive Security Appliance Software
Version 8.3.2
Adaptive Security Appliance Software
Version 8.3(1)
Adaptive Security Appliance Software
Version 8.3(2)
Adaptive Security Appliance Software
Version 8.4
Adaptive Security Appliance Software
Version 8.4(1.11)
Adaptive Security Appliance Software
Version 8.4(1)
Adaptive Security Appliance Software
Version 8.4(2)
Adaptive Security Appliance Software
Version 8.5
5500 Series Adaptive Security Appliance
All versions
Catalyst 6500
All versions
Catalyst 6503 E
All versions
Catalyst 6504 E
All versions
Catalyst 6506 E
All versions
Catalyst 6509 E
All versions
Catalyst 6509 Neb A
All versions
Catalyst 6509 V E
All versions
Catalyst 6513
All versions
Catalyst 6513 E
All versions

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (12)

Source: psirt@cisco.com
Source: psirt@cisco.com
Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Source: psirt@cisco.com
Source: psirt@cisco.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.